oval:org.mitre.oval:def:24509

Definition Id: oval:org.mitre.oval:def:24509

Oval ID:	oval:org.mitre.oval:def:24509
Title:	ELSA-2014:0348: xalan-j2 security update (Important)
Description:	Xalan-Java is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. It was found that the secure processing feature of Xalan-Java had insufficient restrictions defined for certain properties and features. A remote attacker able to provide Extensible Stylesheet Language Transformations (XSLT) content to be processed by an application using Xalan-Java could use this flaw to bypass the intended constraints of the secure processing feature. Depending on the components available in the classpath, this could lead to arbitrary remote code execution in the context of the application server running the application that uses Xalan-Java. (CVE-2014-0107) All xalan-j2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0348-00 CVE-2014-0107	Version:	5
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	xalan-j2
Definition Synopsis:
rpm test Oracle Linux 5.x AND rpm test xalan-j2-demo is earlier than 0:2.7.0-6jpp.2 AND xalan-j2-manual is earlier than 0:2.7.0-6jpp.2 AND xalan-j2-javadoc is earlier than 0:2.7.0-6jpp.2 AND xalan-j2-xsltc is earlier than 0:2.7.0-6jpp.2 AND xalan-j2 is earlier than 0:2.7.0-6jpp.2 OR rpm test Oracle Linux 6.x AND rpm test xalan-j2-demo is earlier than 0:2.7.0-9.9.el6_5 AND xalan-j2-manual is earlier than 0:2.7.0-9.9.el6_5 AND xalan-j2-xsltc is earlier than 0:2.7.0-9.9.el6_5 AND xalan-j2-javadoc is earlier than 0:2.7.0-9.9.el6_5 AND xalan-j2 is earlier than 0:2.7.0-9.9.el6_5

Definition Id: oval:org.mitre.oval:def:16594

Oval ID:	oval:org.mitre.oval:def:16594
Title:	Oracle Linux 6.x
Description:	The operating system installed on the system is Oracle Linux 6.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:6	Version:	5
Platform(s):	Oracle Linux 6	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 6.x is installed
Referenced By:
oval:org.mitre.oval:def:24509

Definition Id: oval:org.mitre.oval:def:15459

Oval ID:	oval:org.mitre.oval:def:15459
Title:	Oracle Linux 5.x
Description:	The operating system installed on the system is Oracle Linux 5.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:5	Version:	7
Platform(s):	Oracle Linux 5	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 5.x is installed
Referenced By:
oval:org.mitre.oval:def:24509

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0423s

Facebook rss twitter linkedin mail